Italy has had many cyberattacks since 2021, growing yearly and impacting more companies and persons. Is the cybersecurity situation in Italy a cause for concern?
In this article, I will review Italy’s cybersecurity statistics focusing on incidents, adoption, and the Italian cybersecurity market as a whole, and provide relevant insights.
Top 6 Italy Cybersecurity Statistics (Editor’s Pick)
- In 2022, Italy was fifth globally for malicious mailing attacks.
- Telecom Italia S.p.A. was the Italian company most impacted by DDoS attacks in 2022.
- 81.7% of Italians were concerned about the theft of their data online in 2022.
- Italy issued 117 GDPR fines in 2022.
- Italy announced its first national cybersecurity strategy in March 2022.
- In 2021, 170 million EUR was invested in the cybersecurity market in Italy.
Italy Cybersecurity Incident Statistics
1. In 2022, the Italian IT police unit detected 12,497 cyberattacks in the country.
That is almost twice as many as the 5,434 cyberattacks detected in 2021.
On average, they handled 15 cyberattacks daily against organizations and objects of significant infrastructure in 2021.
2. In 2022, Italy was fifth globally for malicious mailing attacks.
4.76% of malicious email attachments were blocked in Italy that year.
The country follows Spain, Russia, Mexico, and Brazil.
That year, attacks in the cybercrime category in Italy were at their highest in 11 years. 11% of Italian cyberattacks were related to espionage or sabotage, 2% to information warfare, and 1% to hacktivism.
4. 61% of Italian organizations were hit by ransomware in 2021.
And 43% of companies in Italy who had their data encrypted in a ransomware attack paid the ransom. The average ransom payment in Italy was $709,746, and the average cost of rectifying a ransomware attack was $1.65 million.
5. There were 850 malware attacks reported in Italy in 2021.
There were more malware cyberattacks in Italy than in any other category reported to the country’s Computer Emergency Response Team in 2021.
Here is a table illustrating the number of reported cyberattacks in each category in the country that year:
|Attack type||Number of attacks|
|Social engineering and phishing||203|
6. E-commerce and media were most targeted by cyberattacks in Italy in 2021-2022.
Between June 2021-June 2022, these industries suffered the most cyberattacks in Italy, with healthcare and manufacturing following closely.
Customer data leaks were the most common consequence of cyberattacks.
7. In the first 10 months of 2022, Italy suffered 7% more ransomware attacks than in January-October of 2021.
The Italian manufacturing sector suffered the most ransomware attacks in that period. Professional services and the public sector came second and third for ransomware attacks, respectively.
8. Milan received the most DDoS attacks in 2022 in Italy.
Milan suffered over 5,000 DDoS attacks in 2022. The Italian capital city Rome suffered over 2,000 such attacks, and Caniacitti and Perugia each suffered over 1,000 DDoS attacks that year.
9. Telecom Italia S.p.A. was the Italian company most impacted by DDoS attacks in 2022.
The Italian telco organization received over 4,500 DDoS attacks in 2022.
Its subsidiary Telecom Italia S.p.A. TIN EASY LITE suffered over 2,800 such attacks, and Vodafone Italia received 2,000 DDoS attacks in 2022.
10. In 2022, 30% of Italian companies believed in a high or very high probability of a cyber attack on them.
24% of Italian companies thought the probability of such an attack within the next 12 months was high, and 6% thought it was very high. 49% considered it a medium probability. Only 2% of companies thought the probability of a cyberattack was non-existent.
11. 611 Italians were hurt by stalkerware in 2021.
In total, stalkerware hit 4,236 Internet users in Europe in 2021.
Italy had the second-highest stalkerware victims after Germany (14.5% of the overall amount).
12. 61.6% of Italians took cybersecurity measures in 2022.
For graduates, that figure was 69.1%.
82% of those Italians concerned used cybersecurity software on their devices.
18% used an expert, while 28.1% did not take any measures to protect themselves against cyberattacks.
13. In 2022, 88.6% of Italians who used cybersecurity measures on their devices were people in the workforce.
Of those who turned to an expert for cybersecurity support, 36.4% were older adults, 23.9% were people without higher education, 21.5% were women.
14. 81.7% of Italians were concerned about the theft of their data online in 2022.
Among the online activities Italians perceived as the riskiest for their personal information were Internet browsing (57.8%) and social media (54.6%).
Here is a table specifying other online activities perceived as most dangerous:
|Paying bills online||38.4%|
|Digital government services||30.8%|
15. 64.6% of Italians were targets of deceptive emails in 2022.
These emails aimed to extort personal information by pretending to be from banks or other organizations. Meanwhile, 44.9% of Italians were infected by a virus in 2022, with graduates and young people making up over 50%.
Below is a table breaking down the statistics of Italian victims of different cybersecurity incidents across different age groups:
|Deceptive (scam) email||75.6%||74.2%||38.9%|
|Unrecognized online payments in their name||26.1%||19.2%||6.9%|
|Cloned credit/debit card||18.8%||16.9%||6.1%|
16. An Italian fashion chain was hit by ransomware in 2021.
Ragnarok ransomware attacked Italian men’s clothing chain Boggi Milano in the spring of 2021. The malicious actors stole 40 GB of data related to customers and employees.
17. A company providing Italian schools with online systems experienced a ransomware attack in 2021.
Company Axios, which provides electronic registry software to 40% of Italian schools, experienced a ransomware attack in April of 2021. The attack knocked out the entire registry system, and the perpetrators demanded ransom.
18. A 2021 cyberattack knocked out the Lazio Region’s Covid-19 vaccine booking system.
In July 2021, the Italian Lazio Region suffered a ransomware attack, which put the regional council’s portal and the Covid-19 vaccine booking portal out of action.
No personal data was leaked.
19. An Italian snack company suffered a ransomware attack in 2021.
International group of cybercriminals Conti hit the Italian company San Carlo with a ransomware attack in October 2021. The company had its data backed up, so it did not pay the ransom.
20. Palermo suffered a ransomware cyberattack in 2022 that shut down all systems.
In June of 2022, the Italian city of Palermo was hurt by a major ransomware attack.
It resulted in a shutdown of all online systems, citizens relying on fax machines to reach government services, and tourists unable to book attractions online.
21. The Italian Rivoli Municipality’s IT systems suffered a cyberattack in 2022.
In January 2022, a hacker attack on the Municipality of Rivoli blocked all computers, rendering the files and databases inaccessible. The municipality partially resumed its services a week later.
22. Vilafranca Municipality was hit by a malware attack in 2022.
In March 2022, the Italian Municipality of Vilafranca in Verona suffered a crypto locker malware attack that blocked access to all its data. The hackers demanded a ransom, but the municipality recovered the data.
23. Two Italian energy companies suffered cyberattacks in August 2022.
Italian energy companies Eni and GSE suffered ransomware attacks in the summer of 2022. While the Eni attack had no major impact, hacker group BlackCat that attacked GSE stole over 700 GB of data and compromised the agency’s servers, rendering employees unable to access the data.
24. An Italian cybersecurity agency suffered a cyber attack in February 2023.
The website of the Agenzia per la Cybersicurezza Nazionale (ACN) experienced an attack on its website. The attack came after ACN warned about a major global ransomware attack.
25. Italy suffered eight cyberattacks from November 1-11, 2022.
Here is a table with more details on some of these attacks:
|Date||Victim||Type of attack||Details||Perpetrator|
|1.11.2022||An Italian e-commerce company||Leak of 35 million transactions||Records were listed for sale for $5k||XSS|
|3.11.2022||Landi Renzo||Ransomware||535 GB of files exfiltrated||Hive|
|4.11.2022||Fratelli Veroni||Ransomware||Personal data, contracts, product specification data exfiltrated and published||Royal Ransomware|
|4.11.2022||Vodafore Italia||Data breach||Sensitive subscriber data breached||KelvinSecurity|
Legal Statistics & Facts About Cybersecurity in Italy
26. Italy issued 117 GDPR fines in 2022.
The highest GDPR fine issued in 2022 by Italy was issued in February 2022 to Clearview AI for “Non-compliance with general data processing principles” and amounted to EUR 20 million. Italy is in second place behind Spain for total GDPR fines issued.
27. Italy announced its first national cybersecurity strategy in March 2022.
The strategy comprises 82 cybersecurity measures to be realized by 2026.
According to the strategy, Italy will divert 1.2% of annual growth national investment to cybersecurity.
28. 15% of serious crimes reported in Italy in 2021 were cybercrimes.
The percentage amounts to 142,368 crimes committed online.
Many were related to identity theft and fraud.
Italian Cybersecurity Market Statistics
29. Italian cybersecurity market revenue is forecast to reach $3.74 billion by 2027.
That growth will be possible thanks to a compound annual growth rate (CAGR) of 9.09% from 2023. The market’s revenue is expected to be $2.64 billion in 2027.
30. Italian cybersecurity market generated EUR 1.63 billion in revenue in 2021.
Most of that revenue was generated by the IT services market segment – EUR 0.91 billion. The hardware segment generated the least amount of revenue.
Cybersecurity in Italy in the Workplace - Statistics, Facts & Trends
31. In 2021, 170 million EUR was invested in the cybersecurity market in Italy.
In 2022, that figure grew to EUR 190.4 million. However, it is projected to drop to EUR 174 million in 2023 and EUR 88.6 million in 2024.
32. Anti-malware, antivirus, and endpoint tools were used as cybersecurity measures by 91% of Italian companies in 2022.
The second most popular cybersecurity protection tool among Italian companies was intrusion detection systems. They were adopted by 70% of organizations.
33. In 2021, key cybersecurity concerns of Italian boards of directors were loss of customers and reputational damage.
Both customer loss and reputational damage were key concerns for 36% of boards of directors of Italian companies. For 35%, the most vital concern was significant downtime.
Here is a table specifying Italian boards of directors’ biggest security concerns, compared to the global statistics.
|Board of Directors’ primary concern||Percentage of Italian directors for whom it was a primary concern||Percentage of directors globally for whom it was a primary concern|
|Effect on business valuation||26%||36%|
|Damage to the company’s reputation||36%||35%|
|Losing existing customers||36%||35%|
|No significant concerns||0%||1%|
34. As of 2022, 35% of Italian companies adopted a Zero Trust model.
Most common reason for Zero Trust adoption in Italian companies was safety and data protection (true for 77% of organizations). 43% of Italian companies did not have a Zero Trust model in place but were planning to adopt it, and 19% were not planning to do so.
35. 59% of Italian cybersecurity officers prioritized ransomware and malware prevention in 2022.
For 55% of in-house cybersecurity professionals in Italy, the priority was ICT security awareness. Less than 10% of them prioritized cybersecurity insurance.
36. 65.9% of Italian employees would have liked to receive cybersecurity training in 2022.
Only 37.9% of workers in Italy received cybersecurity training in the workplace.
That figure is higher for C-suite executives – 56.8% had some cybersecurity training in 2022.
Is Cybersecurity a Major Issue in Italy?
Like most other countries, Italy is facing many cyberattacks that cause much damage.
This is why the Italian government adopted a country-wide cybersecurity strategy with ambitious targets to mitigate cybersecurity risks.
Italy is not unique in that regard, however. Do you want to know the cybersecurity statistics of other European countries? Start with our article on Spanish cybersecurity statistics!